- The FBI issued a warning about a Chinese ransom group called Ghost.
- Ghost attacked the critical infrastructure, schools and companies in more than 70 countries.
- The FBI is advised to use multi -factor safety updates to prevent ransom attacks.
The FBI warns of a new group of Ransomware pirates called “Ghost”.
The FBI published a Security consultations With the Cyber Security Agency and the infrastructure, which said that the group began to attack the organizations indiscriminately in more than 70 countries starting in 2021. The warning from the FBI and Cisa says that Ghost is now one of the best ransom groups, and targets organizations all over the world recently. As January.
“The ghost actors, located in China, are conducting these widespread attacks to achieve financial gains,” the report says. “Among the affected victims are critical infrastructure, schools, universities, health care, government networks, religious institutions, technology, manufacturing companies and many small and medium -sized companies.”
Ransomware is a type of malware that allows bad actors to encrypt the victim’s data until they pay a ransom. Ransomware attacks have become more common in recent years, which sometimes target large governmental companies or infrastructure.
In February 2024, a ransom attack against the health care chain, with a payment arm of the giant healthcare group, briefly in the pharmacy industry after it caused a great accumulation to fill customer subscriptions.
Most of Ransomware uses hunting methods, sending false messages to victims in the hope that they will click on a link and install harmful programs on their devices.
However, infiltrators in Ghost Group use the code available to the public to exploit common weaknesses in institutions that were not removed by updated corrections, says the FBI.
“The FBI has noticed the ghosts that get primary access to networks by exploiting the applications facing the year related to several weaknesses and joint exposure,” says the warning.
The FBI said in warning that ghost attackers usually claim that they will sell the stolen victim’s data if they do not pay a ransom. However, the agency said it “does not give up a large amount of information or files, such as intellectual property or personal information that may cause great harm to victims if they are leaked.”
The FBI recommends consulting the Stopransomware guide for comprehensive information on how to protect companies from ransom attacks.
Some tips are to combat shared ransom tactics to maintain backup copies of the regular system of sensitive information, known weaknesses of the system with safety updates and use multiple authentication agents resistant to hunting in the company’s e -mail accounts.
The FBI recommends reporting to any agency’s Ransomwari attacks. In security consultations, the FBI said it is especially interested in “any information that can be shared, including records that show communication to and from foreign IP addresses, a sample ransom note, communications with threat representatives, Bitcoin portfolio information, and/or decryptor files .
